[strongSwan-dev] [Strongswan]: Node is replying for ISAKMP message for unconfigured connection
jegathesh malaiyappan
mjegakathir at gmail.com
Sat Mar 16 12:13:40 CET 2013
16:11:01.349352 IP 4.1.1.1.isakmp > 4.1.1.10.isakmp: isakmp: phase 2/others
? #37[]
16:11:01.349602 IP 4.1.1.10.isakmp > 4.1.1.1.isakmp: isakmp: phase 2/others
? #37[]
16:11:11.349635 IP 4.1.1.1.isakmp > 4.1.1.10.isakmp: isakmp: phase 2/others
? #37[]
16:11:11.349875 IP 4.1.1.10.isakmp > 4.1.1.1.isakmp: isakmp: phase 2/others
? #37[]
On Sat, Mar 16, 2013 at 4:36 PM, jegathesh malaiyappan <
mjegakathir at gmail.com> wrote:
> Hi,
>
>
>
> *Strongswan : 4.5.3 *
>
>
>
> *NODE A* ß
> -----------------------------------------------------------------------àNODE
> B
>
> (Initiator &
> Responder)
> (Initiator & Responder)
>
>
>
> NODE A ---à conn403 is configured in NODE A
>
> NODE B --à conn403 is not configured in NODE B
>
>
>
> NODE A is sending ISAKMP message to NODE B. This is excepted behavior.
>
>
>
> But, NODE B is responding for this un-configured connection message.
>
>
>
> Is this expected behavior in Strongswan? Please clarify me this.
>
>
>
> <snip>
>
> conn conn403
>
> type=tunnel
>
> leftsubnet=4.1.1.1/32
>
> rightsubnet=40.1.1.100/24
>
> left=4.1.1.1
>
> right=4.1.1.10
>
> keyexchange=ikev2
>
> reauth=no
>
> ike=aes128-sha1-modp1024,3des-sha1-modp1024!
>
> ikelifetime=84395s
>
> esp=aes128-sha1,3des-sha1!
>
> authby=pubkey
>
> rightid=%any
>
> leftid="192.168.255.129"
>
> keylife=86400s
>
> dpdaction=restart
>
> dpddelay=10
>
> dpdtimeout=120
>
> rekeyfuzz=50%
>
> rekeymargin=180s
>
> </snip>
>
>
> Thanks in advance.
>
>
> -Jegathesh
>
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/dev/attachments/20130316/b512b66d/attachment.html>
More information about the Dev
mailing list